CVE-2019-15902
Description
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg() commit reintroduced the Spectre vulnerability that it aimed to eliminate. This occurred because the backport process depends on cherry picking specific commits, and because two (correctly ordered) code lines were swapped.
Risk Information
Base Score
5.6
MODERATE
Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.088
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel (USN-4157-1) linux-image-aws_5.0.0.1019.20_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-gcp_5.0.0.1021.47_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-gke_5.0.0.1021.47_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-kvm_5.0.0.1020.20_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-azure_5.0.0.1023.22_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-generic_5.0.0.32.33_i386.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-generic_5.0.0.32.33_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-virtual_5.0.0.32.33_i386.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-virtual_5.0.0.32.33_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-lowlatency_5.0.0.32.33_i386.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-lowlatency_5.0.0.32.33_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-5.0.0-1019-aws_5.0.0-1019.21_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-5.0.0-1020-kvm_5.0.0-1020.21_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-5.0.0-1021-gcp_5.0.0-1021.21_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-5.0.0-1023-azure_5.0.0-1023.24_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-5.0.0-32-generic_5.0.0-32.34_i386.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-5.0.0-32-generic_5.0.0-32.34_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-5.0.0-32-lowlatency_5.0.0-32.34_i386.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-5.0.0-32-lowlatency_5.0.0-32.34_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-gcp_5.0.0.1021.26_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-azure_5.0.0.1023.33_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-gke-5.0_5.0.0.1023.12_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-5.0.0-1021-gcp_5.0.0-1021.21~18.04.1_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-5.0.0-1023-gke_5.0.0-1023.23~18.04.2_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-5.0.0-1023-azure_5.0.0-1023.24~18.04.1_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-5.0.0-32-generic_5.0.0-32.34~18.04.2_i386.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-5.0.0-32-generic_5.0.0-32.34~18.04.2_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-generic-hwe-18.04_5.0.0.32.89_i386.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-generic-hwe-18.04_5.0.0.32.89_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-virtual-hwe-18.04_5.0.0.32.89_i386.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-virtual-hwe-18.04_5.0.0.32.89_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-5.0.0-32-lowlatency_5.0.0-32.34~18.04.2_i386.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-5.0.0-32-lowlatency_5.0.0-32.34~18.04.2_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-lowlatency-hwe-18.04_5.0.0.32.89_i386.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-lowlatency-hwe-18.04_5.0.0.32.89_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-aws_4.15.0.1052.51_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-gcp_4.15.0.1047.61_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-gke_4.15.0.1046.49_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-gke_4.15.0.1047.61_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-kvm_4.15.0.1048.48_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-oem_4.15.0.66.86_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-oem_4.15.0.1059.63_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-azure_4.15.0.1061.64_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-oracle_4.15.0.1027.20_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-oracle_4.15.0.1027.30_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-aws-hwe_4.15.0.1052.52_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-generic_4.15.0.66.68_i386.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-generic_4.15.0.66.68_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-virtual_4.15.0.66.68_i386.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-virtual_4.15.0.66.68_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-gke-4.15_4.15.0.1046.49_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-lowlatency_4.15.0.66.68_i386.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-lowlatency_4.15.0.66.68_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-4.15.0-1046-gke_4.15.0-1046.49_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-4.15.0-1047-gcp_4.15.0-1047.50_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-4.15.0-1048-kvm_4.15.0-1048.48_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-4.15.0-1052-aws_4.15.0-1052.54_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-4.15.0-1052-aws_4.15.0-1052.54~16.04.1_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-4.15.0-1059-oem_4.15.0-1059.68_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-4.15.0-1061-azure_4.15.0-1061.66_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-4.15.0-66-generic_4.15.0-66.75_i386.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-4.15.0-66-generic_4.15.0-66.75_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-4.15.0-66-generic_4.15.0-66.75~16.04.1_i386.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-4.15.0-66-generic_4.15.0-66.75~16.04.1_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-generic-hwe-16.04_4.15.0.66.86_i386.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-generic-hwe-16.04_4.15.0.66.86_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-virtual-hwe-16.04_4.15.0.66.86_i386.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-virtual-hwe-16.04_4.15.0.66.86_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-4.15.0-1027-oracle_4.15.0-1027.30_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-4.15.0-1027-oracle_4.15.0-1027.30~16.04.1_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-4.15.0-66-lowlatency_4.15.0-66.75_i386.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-4.15.0-66-lowlatency_4.15.0-66.75_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-4.15.0-66-lowlatency_4.15.0-66.75~16.04.1_i386.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-4.15.0-66-lowlatency_4.15.0-66.75~16.04.1_amd64.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-lowlatency-hwe-16.04_4.15.0.66.86_i386.deb | Linux |
| Linux kernel (USN-4162-1) linux-image-lowlatency-hwe-16.04_4.15.0.66.86_amd64.deb | Linux |
| Linux kernel (USN-4163-1) linux-image-aws_4.4.0.1096.100_amd64.deb | Linux |
| Linux kernel (USN-4163-1) linux-image-kvm_4.4.0.1060.60_amd64.deb | Linux |
| Linux kernel (USN-4163-1) linux-image-generic_4.4.0.166.174_i386.deb | Linux |
| Linux kernel (USN-4163-1) linux-image-generic_4.4.0.166.174_amd64.deb | Linux |
| Linux kernel (USN-4163-1) linux-image-virtual_4.4.0.166.174_i386.deb | Linux |
| Linux kernel (USN-4163-1) linux-image-virtual_4.4.0.166.174_amd64.deb | Linux |
| Linux kernel (USN-4163-1) linux-image-lowlatency_4.4.0.166.174_i386.deb | Linux |
| Linux kernel (USN-4163-1) linux-image-lowlatency_4.4.0.166.174_amd64.deb | Linux |
| Linux kernel (USN-4163-1) linux-image-4.4.0-1060-kvm_4.4.0-1060.67_amd64.deb | Linux |
| Linux kernel (USN-4163-1) linux-image-4.4.0-1096-aws_4.4.0-1096.107_amd64.deb | Linux |
| Linux kernel (USN-4163-1) linux-image-4.4.0-166-generic_4.4.0-166.195_i386.deb | Linux |
| Linux kernel (USN-4163-1) linux-image-4.4.0-166-generic_4.4.0-166.195_amd64.deb | Linux |
| Linux kernel (USN-4163-1) linux-image-4.4.0-166-lowlatency_4.4.0-166.195_i386.deb | Linux |
| Linux kernel (USN-4163-1) linux-image-4.4.0-166-lowlatency_4.4.0-166.195_amd64.deb | Linux |
| SUSE-SU-2019:14218-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-default-extra-3.0.101-108.108.1.i586.rpm | Linux |
| SUSE-SU-2019:14218-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-default-extra-3.0.101-108.108.1.x86_64.rpm | Linux |
| SUSE-SU-2019:14218-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-pae-extra-3.0.101-108.108.1.i586.rpm | Linux |
| SUSE-SU-2019:14218-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-trace-extra-3.0.101-108.108.1.x86_64.rpm | Linux |
| SUSE-SU-2019:14218-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-xen-extra-3.0.101-108.108.1.i586.rpm | Linux |
| SUSE-SU-2019:14218-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-xen-extra-3.0.101-108.108.1.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234